<?php
namespace tool;

class WxSDK {
    private $appId;
    private $appSecret;

    public function __construct($appId, $appSecret) {
        $this->appId = $appId;
        $this->appSecret = $appSecret;
    }

    /**
     * $scope = 'snsapi_base' or 'snsapi_userinfo'
     */
    public function getAuthUrl($redirectUri, $scope = 'snsapi_userinfo', $state = 'state')
    {
        $url = 'https://open.weixin.qq.com/connect/oauth2/authorize?' . 
                'appid=' . $this->appId . '&redirect_uri=' . $redirectUri . '&response_type=code&' . 
                'scope=' . $scope . '&state=' . $state . '#wechat_redirect';
        header("location: " . $url);
        exit(0);
    }


    public function oauth2Callback($code)
    {
        $tokenUrl = "https://api.weixin.qq.com/sns/oauth2/access_token?" . 
                    "appid=". $this->appId . "&secret=" . $this->appSecret . "&code=" . $code . "&grant_type=authorization_code";
        $resp = Utils::curl($tokenUrl, [], [], 'get');
        $result = json_decode($resp, true);

        if ($result['scope'] == 'snsapi_userinfo') {
            $accessToken = $result['access_token'];
            $userInfoUrl = "https://api.weixin.qq.com/sns/userinfo?access_token=" . $accessToken . "&openid=" . $result['openid'] . "&lang=zh_CN";
            return json_decode(Utils::curl($userInfoUrl, [], [], 'get'), true);
        } else {
            return ['openid' => $result['openid']];
        }
    }

    public function getSignPackage($url = '') {
        $jsapiTicket = $this->getJsApiTicket();
        $timestamp = time();
        $nonceStr = $this->createNonceStr();

        // 这里参数的顺序要按照 key 值 ASCII 码升序排序
        $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443) ? "https://" : "http://";
        $url = $url ? $url : "$protocol$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]";
        $string = "jsapi_ticket=$jsapiTicket&noncestr=$nonceStr&timestamp=$timestamp&url=$url";

        $signature = sha1($string);

        $signPackage = array(
          "appId"     => $this->appId,
          "nonceStr"  => $nonceStr,
          "timestamp" => $timestamp,
          "url"       => $url,
          "signature" => $signature,
          "rawString" => $string
        );
        return $signPackage; 
    }

    private function createNonceStr($length = 16) {
        $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
        $str = "";
        for ($i = 0; $i < $length; $i++) {
          $str .= substr($chars, mt_rand(0, strlen($chars) - 1), 1);
        }
        return $str;
    }

    private function getJsApiTicket() {
        // jsapi_ticket 应该全局存储与更新，以下代码以写入到文件中做示例

        $filePath = runtime_path()  . 'jsapi_ticket.json';
        $data = json_decode(@file_get_contents($filePath), true);
        if (empty($data) || ($data['expire_time'] < time())) {
            $accessToken = $this->getAccessToken();
            // 如果是企业号用以下 URL 获取 ticket
            // $url = "https://qyapi.weixin.qq.com/cgi-bin/get_jsapi_ticket?access_token=$accessToken";
            $url = 'https://api.weixin.qq.com/cgi-bin/ticket/getticket?type=jsapi&access_token=' . $accessToken;
            $res = json_decode(Utils::curl($url, [], [], 'get'), true);
            $ticket = $res['ticket'];
            if ($ticket) {
                $data['expire_time'] = time() + 7000;
                $data['jsapi_ticket'] = $ticket;
                file_put_contents($filePath, json_encode($data));
            }
        } else {
            $ticket = $data['jsapi_ticket'];
        }

        return $ticket;
    }

    private function getAccessToken() {
        // access_token 应该全局存储与更新，以下代码以写入到文件中做示例
        $filePath = runtime_path()  . 'access_token.json';
        $data = json_decode(@file_get_contents($filePath), true);
        if (empty($data) || ($data['expire_time'] < time())) {
            // 如果是企业号用以下URL获取access_token
            // $url = "https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=$this->appId&corpsecret=$this->appSecret";
            $url = 'https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=' . $this->appId .'&secret=' . $this->appSecret;
            $res = json_decode(Utils::curl($url, [], [], 'get'), true);
            $access_token = $res['access_token'];
            if ($access_token) {
                $data['expire_time'] = time() + 7000;
                $data['access_token'] = $access_token;
                file_put_contents($filePath, json_encode($data));
            }
        } else {
            $access_token = $data['access_token'];
        }
        return $access_token;
    }

}

